Sinter — Sinter uses the user-mode EndpointSecurity API to subscribe to and receive authorization callbacks from the macOS kernel, for a set of security-relevant event types. The current version of Sinter supports allowing/denying process executions; in future versions we intend to support other types of events such as file, socket, and kernel events. Inspired by Google Santa (Santa because it decides if executables are naughty or nice), but aiming to vet more than executables.
Extracting Info from Invoices — Turns out this is a double-hard problem: hard to get the algorithm good, and hard to get training sets. Info extraction datasets are, well, full of information. And if the info you want to extract is financial, or personally-identifying, or otherwise sensitive, then there aren’t generally freely-available training sets. There is no training dataset for invoices.
Why is Science Hard for People to Trust — An interesting set of ideas, but these sentences have been echoing around my head: We hate being wronged, and it makes us vengeful. On the other hand, we don’t necessarily love being “done right by,” and we don’t have a particular motivation that comes from it. There’s no “positive” version of revenge. I wonder how this changes social software design.
What ARGs Can Teach Us About QAnon — (Adrian Hon) A very thoughtful comparison between ARGs and conspiracy theories. These are useful steps but will not stop QAnon from spreading in social media comments or private chat groups or unmoderated forums. It’s not something we can reasonably hope for, and I don’t think there’s any technological solution (e.g. browser extensions) either. The only way to stop people from mistaking speculation from fact is for them to want to stop.
Read more: feedproxy.google.com